Envoyer sur votre Kindle ou un autre appareil


Essai gratuit

Découvrez gratuitement un extrait de ce titre

Envoyer sur votre Kindle ou un autre appareil

Désolé, cet article n'est pas disponible en
Image non disponible pour la
couleur :
Image non disponible

The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory [Format Kindle]

Michael Hale Ligh

Prix conseillé : EUR 54,86 De quoi s'agit-il ?
Prix éditeur - format imprimé : EUR 61,32
Prix Kindle : EUR 42,87 TTC & envoi gratuit via réseau sans fil par Amazon Whispernet
Économisez : EUR 18,45 (30%)

  • Longueur : 912 pages
  • Langue : Anglais
  • En raison de la taille importante du fichier, ce livre peut prendre plus de temps à télécharger
  • Vous n'avez pas encore de Kindle ? Achetez-le ici Ou commencez à lire dès maintenant avec l'une de nos applications de lecture Kindle gratuites.
App de lecture Kindle gratuite Tout le monde peut lire les livres Kindle, même sans un appareil Kindle, grâce à l'appli Kindle GRATUITE pour les smartphones, les tablettes et les ordinateurs.

Pour obtenir l'appli gratuite, saisissez votre adresse e-mail ou numéro de téléphone mobile.


Prix Amazon Neuf à partir de Occasion à partir de
Format Kindle EUR 42,87  
Broché EUR 61,24  

Descriptions du produit

Présentation de l'éditeur

Memory forensics provides cutting edge technology to helpinvestigate digital attacks

Memory forensics is the art of analyzing computer memory (RAM)to solve digital crimes. As a follow-up to the best seller MalwareAnalyst's Cookbook, experts in the fields of malware, security, anddigital forensics bring you a step-by-step guide to memoryforensics—now the most sought after skill in the digitalforensics and incident response fields.

Beginning with introductory concepts and moving toward theadvanced, The Art of Memory Forensics: Detecting Malware andThreats in Windows, Linux, and Mac Memory is based on a five daytraining course that the authors have presented to hundreds ofstudents. It is the only book on the market that focusesexclusively on memory forensics and how to deploy such techniquesproperly. Discover memory forensics techniques:

  • How volatile memory analysis improves digitalinvestigations
  • Proper investigative steps for detecting stealth malware andadvanced threats
  • How to use free, open source tools for conducting thoroughmemory forensics
  • Ways to acquire memory from suspect systems in a forensicallysound manner

The next era of malware and security breaches are moresophisticated and targeted, and the volatile memory of a computeris often overlooked or destroyed as part of the incident responseprocess. The Art of Memory Forensics explains the latesttechnological innovations in digital forensics to help bridge thisgap. It covers the most popular and recently released versions ofWindows, Linux, and Mac, including both the 32 and 64-biteditions.

Quatrième de couverture

SOPHISTICATED DISCOVERY AND ANALYSIS FOR THE NEXT WAVE OF DIGITAL ATTACKS The Art of Memory Forensics , a follow–up to the bestselling Malware Analyst’s Cookbook , is a practical guide to the rapidly emerging investigative technique for digital forensics, incident response, and law enforcement. Memory forensics has become a must–have skill for combating the next era of advanced malware, targeted attacks, security breaches, and online crime. As breaches and attacks become more sophisticated, analyzing volatile memory becomes ever more critical to the investigative process. This book provides a comprehensive guide to performing memory forensics for Windows, Linux, and Mac systems, including x64 architectures. Based on the authors’ popular training course, coverage includes memory acquisition, rootkits, tracking user activity, and more, plus case studies that illustrate the real–world application of the techniques presented. Bonus materials include industry–applicable exercises, sample memory dumps, and cutting–edge memory forensics software. Memory forensics is the art of analyzing RAM to solve digital crimes. Conventional incident response often overlooks volatile memory, which contains crucial information that can prove or disprove the system’s involvement in a crime, and can even destroy it completely. By implementing memory forensics techniques, analysts are able to preserve memory resident artifacts which often provides a more efficient strategy for investigating modern threats. In The Art of Memory Forensics , the Volatility Project’s team of experts provides functional guidance and practical advice that helps readers to: Acquire memory from suspect systems in a forensically sound manner Learn best practices for Windows, Linux, and Mac memory forensics Discover how volatile memory analysis improves digital investigations Delineate the proper investigative steps for detecting stealth malware and advanced threats Use free, open source tools to conduct thorough memory forensics investigations Generate timelines, track user activity, find hidden artifacts, and more The companion website provides exercises for each chapter, plus data that can be used to test the various memory analysis techniques in the book. Visit our website at www.wiley.com/go/memoryforensics.

Détails sur le produit

  • Format : Format Kindle
  • Taille du fichier : 12473 KB
  • Nombre de pages de l'édition imprimée : 912 pages
  • Editeur : Wiley; Édition : 1 (22 juillet 2014)
  • Vendu par : Amazon Media EU S.à r.l.
  • Langue : Anglais
  • Synthèse vocale : Activée
  • X-Ray :
  • Word Wise: Non activé
  • Classement des meilleures ventes d'Amazon: n°153.219 dans la Boutique Kindle (Voir le Top 100 dans la Boutique Kindle)
  •  Souhaitez-vous faire modifier les images ?

En savoir plus sur les auteurs

Découvrez des livres, informez-vous sur les écrivains, lisez des blogs d'auteurs et bien plus encore.

Commentaires en ligne

Il n'y a pas encore de commentaires clients sur Amazon.fr
5 étoiles
4 étoiles
3 étoiles
2 étoiles
1 étoiles
Commentaires client les plus utiles sur Amazon.com (beta)
Amazon.com: 5.0 étoiles sur 5  27 commentaires
9 internautes sur 9 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 A great book. 5 août 2014
Par Borja Merino - Publié sur Amazon.com
I recommend this book without a doubt to all those engaged in malware analysis and forensics. Very well organized. In my case, it has been really useful to know different alternatives to detect and understand advanced malware in kernel space (rootkits) from a memory dump. The book uses practical examples of current malware to teach you how to use Volatility for its detection and analysis. It explains very well the inner-working of the memory manager and the structures used by the operating system to manage processes, connections, etc. These concepts are fundamental to understanding the logic and techniques implemented by the Volatility plugins. It also uses multiple references to external sources to further enrich the content of the book. In short, a great book.
6 internautes sur 6 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 Outstanding Text Needs Additional Web Resources 18 septembre 2014
Par Let's Compare Options Preptorial - Publié sur Amazon.com
Format:Broché|Achat vérifié
At this writing (Fall 2014) the Wiley instructor companion website is not up to Wiley standards (yet). I wanted to test the code for this review, but the code section on the site only defaults to the creative commons license (both the code and license links). Same with all the chapters, they only display commons, a strawman syllabus and an intro letter. They only resource that is already up is the Powerpoint presentation, and at over 100 pages it is simply OUTSTANDING, which whets the appetite even more for the rest of the outlines, solutions, code, and much more.

So, Wiley, get with it! If you are considering buying this, add your vote in comments and Wiley might listen. I'll update this once we get the code, both with quality of the code and where it can be used. Going over the license so far, it is quite generous, much like GNU with an attribution link, although of course more robust beyond teaching (eg commercial) if you do get permission. The text itself has wonderful, up to date sploit and software info, patches, etc. but the site, for a book this costly, needs to be completed. I'm not recommending you pass on this because of it, but we won't be getting the full value for our purchase, nor will our students, until the site is completed.

REVIEW UPDATE: SEE MICHAEL'S COMMENT ATTACHED TO THIS REVIEW. Although Amazon's automated system generally removes links, the comment gives complete and up to date online resources for this book, as the publisher's link is incomplete, and will not be updated. The publisher promotion of online evidence samples, code, etc. is not wrong or deceptive, it is just on github rather than the publisher's site as indicated. PLEASE VIEW THE COMMENT AND VISIT THE SITES INDICATED IN THE COMMENT BEFORE LEAVING A NEGATIVE REVIEW-- the resources ARE there, just not where advertised. Also, see Michael's other best seller at: Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code.

If you are price conscious, notice that in addition to the generous web resources in the comment (including open source/ freeware), the book is over 900 pages long, and PACKED with practical, use-it-now reference and learning tools. I've already visited the samples, and they are awesome, especially given that they cover the most frequent o/s permutations. Both Windows and Linux give the exact traces indicated, these authors are the real thing.
6 internautes sur 7 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 Most complete book written by the top minds in memory forensics! 9 août 2014
Par jcrook - Publié sur Amazon.com
The Art of Memory Forensics is a must have book if you do any type of work with incident response, malware analysis or other types of forensic investigations. I have talked to people that have not yet incorporated memory forensics into their processes and this book truly shows the value one can gain in doing so.

I was lucky enough to get an advanced copy to review and was amazed at the amount of content that is packed into this book. You go from acquisition tools and techniques to full investigations along with everything in between in 800+ pages. The authors were able to take their real world experiences along with their wealth of knowledge and explain some very complex topics in way that most people can easily understand. They also walk through the topics covered in the book with practical examples as well as including memory images that you can follow along with.

Regardless of your current experience in memory forensics, after reading this book you will have gained a wealth of new knowledge that you can immediately apply to your current investigations.
3 internautes sur 3 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 The Best Book Ever and You will never put it down 14 novembre 2014
Par Monnappa - Publié sur Amazon.com
Format:Broché|Achat vérifié
This book is one of the best book i have read in recent years. This is a book for anyone in the field of Incident Response, Malware Analysis, Reverse Engineering and Digital Forensics. This book is written by the Core Developers of Volatility and pioneers in the field of memory forensics.The book is very well structured it covers the internals of the Operating System and then the authors explain how the structures are used by the plugins, the authors also show how these plugins can be run against the memory images with real case examples to identify forensic artifacts. In many cases the authors show how to access the operating system structures programmatically using the volshell, this can help in writing your own plugins and also the author references various external sources where you can find more information on a specific topic. The book covers many creative techniques that you can apply in the real world and it also covers information on the Anti-Forensics techniques and how to detect them by cross referencing them with different plugins/data sources. The amount of detail explained in the book shows the knowledge and amount of research the authors have done in this field and the effort the authors have put in to write this book and the Volatility plugins. In short After reading this book you will understand how the operating system works, how the Volatility works, how malware works, how memory forensics work, how to identify the malware and forensic artifacts using memory forensics, how to write your own plugin. I have never seen any book covering these many details, this is one book for everything on memory forensics. This definitely should be the Book of the Year. If there was an option of giving this book ten stars, i would give it ten stars.
2 internautes sur 2 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 Invaluable 23 février 2015
Par David C. Malone - Publié sur Amazon.com
Format:Broché|Achat vérifié
I have worked in I.T. for 15 years - in Windows system administration, database administration, and utility software development. About one month ago I started reading heavily on security, and planned for 2015 a shift in career focus to that discipline. So I bought this book and began to read. This had immediate payoff just 2 days ago when I noticed an email from our security team that an IDS had detected a possible Trojan signature on one of our servers. Another analyst ran a full AV scan, and when she found nothing, the email thread dried up. Not so convinced (I had just read the fact on Mandiant's website that "100% of victims had up-to-date AV software), I triggered a complete memory dump on the server using LiveKD and began working on it with WinDbg commands and Volatility Framework. Within the first few hours, it appeared that there certainly looked to be a rootkit-like presence, but with my limited security knowledge and, even though I debug a kernel dump every now and then, I don't usually look at things like the IDT 2e entry, etc. However, 15 hours into researching my first real-life production issue, I completely narrowed down the source and contacted the security team and account management. This server would have continued to operate under the radar with the standard tools continually missing the malware's presence and caused who knows what problems. Thanks to one of the most well-organized, well-written, and informative I.T. books I have ever read, I was able to effectively isolate this piece of malware. This book is an absolute must for anyone even employed in I.T. with responsibilities over safeguarding company networks and infrastructure, and (unfortunately) these days, should probably be employed by anyone at all that plugs in an Ethernet cable or attaches to Wi-Fi! Outstanding material - thanks very much.
Ces commentaires ont-ils été utiles ?   Dites-le-nous

Discussions entre clients

Le forum concernant ce produit
Discussion Réponses Message le plus récent
Pas de discussions pour l'instant

Posez des questions, partagez votre opinion, gagnez en compréhension
Démarrer une nouvelle discussion
Première publication:
Aller s'identifier

Rechercher parmi les discussions des clients
Rechercher dans toutes les discussions Amazon

Rechercher des articles similaires par rubrique